The FTC amended the Safeguards Rule to require non-banking institutions to report certain data breaches. Also, the FTC enforced actions against defendants who misleadingly marked up the cost of cars and who falsely claimed that its products could stop harmful bacteria and viruses. More on these updates, after the jump.

Tuesday, October 24, 2023

COVID-19: Advertising and Marketing

  • The Federal Trade Commission brought action against four defendants who marketed a product as effective at stopping harmful bacteria and viruses, including COVID-19. Defendants claimed that the product, a card to be worn around the neck or clipped onto clothing, killed 99.9% of most harmful bacteria and viruses within a three-foot radius. However, the FTC alleges that the companies have no scientific evidence to support their claims. Despite receiving a warning letter, the companies continued to advertise their products, including claiming that their products were FDA approved, made from EPA-approved materials, and received a FDA “Certificate of Registration” despite no such certificate existing. Three of the four defendants agreed to a settlement that requires payment of $150,000 and that any future claims must be supported by scientific evidence.

Auto Marketplace: Deceptive Conduct

  • In a complaint filed against a Wisconsin auto dealer and its owners, the FTC and State of Wisconsin alleged that defendants used deceptive sales practices to charge consumers additional, unwanted fees when purchasing cars. The complaint further alleges that defendants charged even higher prices for Native American customers, costing them hundreds of dollars in markups to their interest rates and thousands for add-ons in credit transactions. The proposed settlement for the company’s current owners will require defendants to pay $1 million to refund affected consumers as well as implement a fair lending program. The former owners agreed to a settlement that requires defendants to permanently wind down these businesses and pay $100,000 to refund affected consumers.

Friday, October 27, 2023

Bureau of Consumer Protection: Financial Security

  • In a 3-0 vote, the Federal Trade Commission approved an amendment to the Safeguards Rule that requires non-banking institutions to report certain data breaches. Under the new amendment, financial institutions must report as early as possible, and no later than 30 days after discovery, a security breach involving 500 or more consumers. Reporting is mandatory if unencrypted data is compromised without the owner’s authorization.